CVE-2011-1311

The Security component in IBM WebSphere Application Server (WAS) before 7.0.0.15, when a J2EE 1.4 application is used, determines the security role mapping on the basis of the ibm-application-bnd.xml file instead of the intended ibm-application-bnd.xmi file, which might allow remote authenticated users to gain privileges in opportunistic circumstances by requesting a service.
Severity
UNKNOWN
AV:N/AC:M/Au:S/C:P/I:P/A:P
Atk. Vector
NETWORK
Atk. Complexity
MEDIUM
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
VendorProductVersion
ibmwebsphere_application_server
𝑥
≤ 7.0.0.13
ibmwebsphere_application_server
2.0
ibmwebsphere_application_server
3.0
ibmwebsphere_application_server
3.0.2
ibmwebsphere_application_server
3.0.2.1
ibmwebsphere_application_server
3.0.2.2
ibmwebsphere_application_server
3.0.2.3
ibmwebsphere_application_server
3.0.2.4
ibmwebsphere_application_server
3.0.21
ibmwebsphere_application_server
3.5
ibmwebsphere_application_server
3.5.1
ibmwebsphere_application_server
3.5.2
ibmwebsphere_application_server
3.5.3
ibmwebsphere_application_server
3.52
ibmwebsphere_application_server
4.0.1
ibmwebsphere_application_server
4.0.2
ibmwebsphere_application_server
4.0.3
ibmwebsphere_application_server
4.0.4
ibmwebsphere_application_server
5.0
ibmwebsphere_application_server
5.0.0
ibmwebsphere_application_server
5.0.1
ibmwebsphere_application_server
5.0.2
ibmwebsphere_application_server
5.0.2.1
ibmwebsphere_application_server
5.0.2.2
ibmwebsphere_application_server
5.0.2.3
ibmwebsphere_application_server
5.0.2.4
ibmwebsphere_application_server
5.0.2.5
ibmwebsphere_application_server
5.0.2.6
ibmwebsphere_application_server
5.0.2.7
ibmwebsphere_application_server
5.0.2.8
ibmwebsphere_application_server
5.0.2.9
ibmwebsphere_application_server
5.0.2.10
ibmwebsphere_application_server
5.0.2.11
ibmwebsphere_application_server
5.0.2.12
ibmwebsphere_application_server
5.0.2.13
ibmwebsphere_application_server
5.0.2.14
ibmwebsphere_application_server
5.0.2.15
ibmwebsphere_application_server
5.0.2.16
ibmwebsphere_application_server
5.1.0
ibmwebsphere_application_server
5.1.0.2
ibmwebsphere_application_server
5.1.0.3
ibmwebsphere_application_server
5.1.0.4
ibmwebsphere_application_server
5.1.0.5
ibmwebsphere_application_server
5.1.1
ibmwebsphere_application_server
5.1.1.1
ibmwebsphere_application_server
5.1.1.2
ibmwebsphere_application_server
5.1.1.3
ibmwebsphere_application_server
5.1.1.4
ibmwebsphere_application_server
5.1.1.5
ibmwebsphere_application_server
5.1.1.6
ibmwebsphere_application_server
5.1.1.7
ibmwebsphere_application_server
5.1.1.8
ibmwebsphere_application_server
5.1.1.9
ibmwebsphere_application_server
5.1.1.10
ibmwebsphere_application_server
5.1.1.11
ibmwebsphere_application_server
5.1.1.12
ibmwebsphere_application_server
5.1.1.13
ibmwebsphere_application_server
5.1.1.14
ibmwebsphere_application_server
5.1.1.15
ibmwebsphere_application_server
5.1.1.16
ibmwebsphere_application_server
5.1.1.17
ibmwebsphere_application_server
6.0
ibmwebsphere_application_server
6.0.0.1
ibmwebsphere_application_server
6.0.0.2
ibmwebsphere_application_server
6.0.0.3
ibmwebsphere_application_server
6.0.1
ibmwebsphere_application_server
6.0.1.1
ibmwebsphere_application_server
6.0.1.2
ibmwebsphere_application_server
6.0.1.3
ibmwebsphere_application_server
6.0.1.5
ibmwebsphere_application_server
6.0.1.7
ibmwebsphere_application_server
6.0.1.9
ibmwebsphere_application_server
6.0.1.11
ibmwebsphere_application_server
6.0.1.13
ibmwebsphere_application_server
6.0.1.15
ibmwebsphere_application_server
6.0.1.17
ibmwebsphere_application_server
6.0.2
ibmwebsphere_application_server
6.0.2.1
ibmwebsphere_application_server
6.0.2.2
ibmwebsphere_application_server
6.0.2.3
ibmwebsphere_application_server
6.0.2.4
ibmwebsphere_application_server
6.0.2.5
ibmwebsphere_application_server
6.0.2.6
ibmwebsphere_application_server
6.0.2.7
ibmwebsphere_application_server
6.0.2.9
ibmwebsphere_application_server
6.0.2.11
ibmwebsphere_application_server
6.0.2.13
ibmwebsphere_application_server
6.0.2.15
ibmwebsphere_application_server
6.0.2.17
ibmwebsphere_application_server
6.0.2.19
ibmwebsphere_application_server
6.0.2.22
ibmwebsphere_application_server
6.0.2.23
ibmwebsphere_application_server
6.0.2.24
ibmwebsphere_application_server
6.0.2.25
ibmwebsphere_application_server
6.0.2.27
ibmwebsphere_application_server
6.0.2.28
ibmwebsphere_application_server
6.0.2.29
ibmwebsphere_application_server
6.0.2.30
ibmwebsphere_application_server
6.0.2.31
ibmwebsphere_application_server
6.0.2.32
ibmwebsphere_application_server
6.1
ibmwebsphere_application_server
6.1.0
ibmwebsphere_application_server
6.1.0.0
ibmwebsphere_application_server
6.1.0.1
ibmwebsphere_application_server
6.1.0.2
ibmwebsphere_application_server
6.1.0.3
ibmwebsphere_application_server
6.1.0.5
ibmwebsphere_application_server
6.1.0.7
ibmwebsphere_application_server
6.1.0.9
ibmwebsphere_application_server
6.1.0.11
ibmwebsphere_application_server
6.1.0.12
ibmwebsphere_application_server
6.1.0.15
ibmwebsphere_application_server
6.1.0.17
ibmwebsphere_application_server
6.1.0.19
ibmwebsphere_application_server
6.1.0.21
ibmwebsphere_application_server
6.1.0.23
ibmwebsphere_application_server
6.1.0.25
ibmwebsphere_application_server
6.1.0.27
ibmwebsphere_application_server
6.1.0.29
ibmwebsphere_application_server
6.1.0.31
ibmwebsphere_application_server
6.1.0.33
ibmwebsphere_application_server
6.1.1
ibmwebsphere_application_server
6.1.3
ibmwebsphere_application_server
6.1.5
ibmwebsphere_application_server
6.1.6
ibmwebsphere_application_server
6.1.7
ibmwebsphere_application_server
6.1.13
ibmwebsphere_application_server
6.1.14
ibmwebsphere_application_server
7.0
ibmwebsphere_application_server
7.0.0.1
ibmwebsphere_application_server
7.0.0.2
ibmwebsphere_application_server
7.0.0.3
ibmwebsphere_application_server
7.0.0.4
ibmwebsphere_application_server
7.0.0.5
ibmwebsphere_application_server
7.0.0.6
ibmwebsphere_application_server
7.0.0.7
ibmwebsphere_application_server
7.0.0.8
ibmwebsphere_application_server
7.0.0.9
ibmwebsphere_application_server
7.0.0.11
𝑥
= Vulnerable software versions
Common Weakness Enumeration